zoldax / NHSuite
NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export, import, and fetch domain information in a CSV format.
☆26 · Updated 10 months ago
Related projects
Alternatives and complementary repositories for NHSuite
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment. ☆51 · Updated 5 years ago
- PowerShell for CrowdStrike's OAuth2 APIs ☆368 · Updated this week
- Sysmon configuration file template with default high-quality event tracing ☆454 · Updated 9 months ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition. ☆78 · Updated 3 months ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM ☆16 · Updated this week
- Fortinet products logs to Elasticsearch ☆89 · Updated 2 months ago
- This repository contains Community and Field contributed content for LogScale ☆162 · Updated 2 weeks ago
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! ☆597 · Updated 2 months ago
- Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair … ☆121 · Updated last year
- Cyber Incident Response Team Playbook Battle Cards ☆360 · Updated 6 months ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of… ☆246 · Updated 3 years ago
- ☆15 · Updated 2 years ago
- Repository of SentinelOne Deep Visibility queries. ☆119 · Updated 3 years ago
- ☆58 · Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ☆529 · Updated 2 months ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment. ☆465 · Updated this week
- Real-time Response scripts and schema ☆104 · Updated 11 months ago
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention. ☆274 · Updated 3 years ago
- Push your Sophos UTM logs into your Elasticsearch after grokking them with Logstash ☆11 · Updated 5 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers. ☆266 · Updated 10 months ago
- This is a sample script showing how to parse the Talos blogs and automatically add observables to Cisco Casebook. ☆18 · Updated last year
- PowerShell module for SentinelOne API ☆25 · Updated 3 years ago
- Tools to help you with daily tasks of configuring/debugging/monitoring Fortinet products - Fortigate, FortiAnalyzer, Fortimanager. I do n… ☆72 · Updated 6 months ago
- Main MineMeld documentation repo ☆380 · Updated 7 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆768 · Updated last year
- Sample code that uses QRadar APIs ☆199 · Updated 4 years ago
- CyLR - Live Response Collection Tool ☆646 · Updated 2 years ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac… ☆852 · Updated 4 years ago